My diagnostic report after restoring the system
==============================================================
金山清理专家系统诊断报告
该诊断报告由金山清理专家提供
http://www.duba.net
==============================================================
诊断时间: 2008-07-07, 17:17
诊断平台: Windows XP [5.1.2600] Service Pack 2
IE版本: Internet Explorer V6.0.2180.2900
计算机物理内存: 510(MB)
当前可用内存: 256(MB)
硬盘总大小: 73(GB)
硬盘可用空间: 62(GB)
清理专家版本: 2008.06.26.422
恶意软件库版本: 2008.07.02.1
漏洞库版本: 2008.06.26.1
==============================================================
登陆加载项
==============================================================
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
[Shell] <Explorer.exe>
文件路径: C:\WINDOWS\Explorer.exe [分析中]
==============================================================
启动文件夹位置
==============================================================
Common Startup: C:\Documents and Settings\All Users\「开始」菜单\程序\启动
Startup: C:\Documents and Settings\Administrator\「开始」菜单\程序\启动
Common Startup: %ALLUSERSPROFILE%\「开始」菜单\程序\启动
==============================================================
文件扩展名关联
==============================================================
.CHM <"hh.exe" %1>
文件路径: C:\WINDOWS\hh.exe [分析中]
==============================================================
Host File
==============================================================
127.0.0.1 localhost
==============================================================
系统服务
==============================================================
该项来源: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
[DcomLaunch] [已启用] <%SystemRoot%\system32\rpcss.dll>
文件路径: C:\WINDOWS\system32\rpcss.dll [分析中]
[Dhcp] [已启用] <%SystemRoot%\System32\dhcpcsvc.dll>
文件路径: C:\WINDOWS\System32\dhcpcsvc.dll [分析中]
[FastUserSwitchingCompatibility] [已启用] <%SystemRoot%\System32\shsvcs.dll>
文件路径: C:\WINDOWS\System32\shsvcs.dll [分析中]
[HidServ] [已禁用] <%SystemRoot%\System32\hidserv.dll>
[lanmanserver] [已启用] <%SystemRoot%\System32\srvsvc.dll>
文件路径: C:\WINDOWS\System32\srvsvc.dll [分析中]
[lanmanworkstation] [已启用] <%SystemRoot%\System32\wkssvc.dll>
文件路径: C:\WINDOWS\System32\wkssvc.dll [分析中]
[Netman] [已启用] <%SystemRoot%\System32\netman.dll>
文件路径: C:\WINDOWS\System32\netman.dll [分析中]
[RasMan] [已启用] <%SystemRoot%\System32\rasmans.dll>
文件路径: C:\WINDOWS\System32\rasmans.dll [分析中]
[RpcSs] [已启用] <%SystemRoot%\system32\rpcss.dll>
文件路径: C:\WINDOWS\system32\rpcss.dll [分析中]
[ShellHWDetection] [已启用] <%SystemRoot%\System32\shsvcs.dll>
文件路径: C:\WINDOWS\System32\shsvcs.dll [分析中]
[Spooler] [已启用] <%SystemRoot%\system32\spoolsv.exe>
文件路径: C:\WINDOWS\system32\spoolsv.exe [分析中]
[stisvc] [已启用] <%SystemRoot%\system32\wiaservc.dll>
文件路径: C:\WINDOWS\system32\wiaservc.dll [分析中]
[TapiSrv] [已启用] <%SystemRoot%\System32\tapisrv.dll>
文件路径: C:\WINDOWS\System32\tapisrv.dll [分析中]
[Themes] [已启用] <%SystemRoot%\System32\shsvcs.dll>
文件路径: C:\WINDOWS\System32\shsvcs.dll [分析中]
[upnphost] [已启用] <%SystemRoot%\System32\upnphost.dll>
文件路径: C:\WINDOWS\System32\upnphost.dll [分析中]
[WebClient] [已启用] <%SystemRoot%\System32\webclnt.dll>
文件路径: C:\WINDOWS\System32\webclnt.dll [分析中]
==============================================================
驱动程序
==============================================================
该项来源: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
[aec] [已启用] <system32\drivers\aec.sys>
文件路径: C:\WINDOWS\system32\drivers\aec.sys [分析中]
[FltMgr] [已启用] <system32\DRIVERS\fltMgr.sys>
文件路径: C:\WINDOWS\system32\DRIVERS\fltMgr.sys [分析中]
[HTTP] [已启用] <System32\Drivers\HTTP.sys>
文件路径: C:\WINDOWS\system32\Drivers\HTTP.sys [分析中]
[IpNat] [已启用] <system32\DRIVERS\ipnat.sys>
文件路径: C:\WINDOWS\system32\DRIVERS\ipnat.sys [分析中]
[kmixer] [已启用] <system32\drivers\kmixer.sys>
文件路径: C:\WINDOWS\system32\drivers\kmixer.sys [分析中]
[MRxDAV] [已启用] <system32\DRIVERS\mrxdav.sys>
文件路径: C:\WINDOWS\system32\DRIVERS\mrxdav.sys [分析中]
[MRxSmb] [已启用] <system32\DRIVERS\mrxsmb.sys>
文件路径: C:\WINDOWS\system32\DRIVERS\mrxsmb.sys [分析中]
[Rdbss] [已启用] <system32\DRIVERS\rdbss.sys>
文件路径: C:\WINDOWS\system32\DRIVERS\rdbss.sys [分析中]
[SMBios] [已启用] <system32\DRIVERS\SMBios.sys>
文件路径: C:\WINDOWS\system32\DRIVERS\SMBios.sys [分析中]
[splitter] [已启用] <system32\drivers\splitter.sys>
文件路径: C:\WINDOWS\system32\drivers\splitter.sys [分析中]
[Update] [已启用] <system32\DRIVERS\update.sys>
文件路径: C:\WINDOWS\system32\DRIVERS\update.sys [分析中]
[wdmaud] [已启用] <system32\drivers\wdmaud.sys>
文件路径: C:\WINDOWS\system32\drivers\wdmaud.sys [分析中]
==============================================================
当前进程
==============================================================
名称: Explorer.EXE [已启用]
文件路径: C:\WINDOWS\Explorer.EXE [分析中] (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ntdll.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\kernel32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ADVAPI32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\RPCRT4.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\Secur32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\BROWSEUI.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\GDI32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\USER32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\msvcrt.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ole32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\SHLWAPI.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\SHDOCVW.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\CRYPT32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\MSASN1.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\CRYPTUI.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WINTRUST.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\IMAGEHLP.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\NETAPI32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WININET.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WLDAP32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\VERSION.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\UxTheme.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ShimEng.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\AppPatch\AcGenral.DLL (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WINMM.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\MSACM32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\USERENV.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\IMM32.DLL (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\LPK.DLL (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\USP10.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\comctl32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\msctfime.ime (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\appHelp.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\System32\cscui.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\System32\CSCDLL.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\themeui.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\MSIMG32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\xpsp2res.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\actxprxy.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\msutb.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\MSCTF.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\LINKINFO.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ntshrui.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ATL.DLL (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\SETUPAPI.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
模块文件: D:\Program Files\360safe\safemon\safemon.dll (360.CN)
模块文件: C:\WINDOWS\system32\PSAPI.DLL (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WINSTA.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WSOCK32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WS2_32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WS2HELP.dll (Microsoft Corporation)
模块文件: D:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL (Kingsoft Corporation)
模块文件: D:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll (Kingsoft Corporation)
模块文件: C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL (Microsoft Corporation)
模块文件: C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\BatMeter.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\POWRPROF.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WTSAPI32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\msacm32.drv (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\midimap.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\NETSHELL.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\rtutils.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\credui.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\iphlpapi.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\MPR.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\System32\drprov.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\System32\ntlanman.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\System32\NETUI0.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\System32\NETUI1.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\System32\NETRAP.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\System32\SAMLIB.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\System32\davclnt.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\RASDLG.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\MPRAPI.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ACTIVEDS.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\adsldpc.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\RASAPI32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\rasman.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\TAPI32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\msv1_0.dll (Microsoft Corporation)
模块文件: d:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL (Kingsoft Corporation)
模块文件: C:\Program Files\WinRAR\rarext.dll
模块文件: C:\WINDOWS\system32\mydocs.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\sendmail.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\Audiodev.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WMVCore.DLL (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WMASF.DLL (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\wiashext.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\sti.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\CFGMGR32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\rsaenh.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\SXS.DLL (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\MSISIP.DLL (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\wshext.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\MFC42.DLL (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\comdlg32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\MFC42LOC.DLL (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\wshCHS.DLL (Microsoft Corporation)
名称: spoolsv.exe [已启用]
文件路径: C:\WINDOWS\system32\spoolsv.exe [分析中] (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ntdll.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\kernel32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ADVAPI32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\RPCRT4.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\Secur32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\GDI32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\USER32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\msvcrt.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ShimEng.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\AppPatch\AcGenral.DLL (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WINMM.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ole32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\MSACM32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\VERSION.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\SHLWAPI.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\USERENV.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\UxTheme.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\IMM32.DLL (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\LPK.DLL (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\USP10.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\comctl32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\SPOOLSS.DLL (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WS2_32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WS2HELP.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\DNSAPI.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\iphlpapi.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\rasadhlp.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\localspl.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\sfc_os.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WINTRUST.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\CRYPT32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\MSASN1.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\IMAGEHLP.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\winspool.drv (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\netapi32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\E_FLMAHP.DLL (SEIKO EPSON CORPORATION)
模块文件: C:\WINDOWS\system32\tcpmon.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\usbmon.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\System32\winrnr.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WLDAP32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\win32spl.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\NETRAP.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\NTDSAPI.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\inetpp.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\xpsp2res.dll (Microsoft Corporation)
==============================================================
协议
==============================================================
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler
<its> <C:\WINDOWS\system32\itss.dll>
文件路径: C:\WINDOWS\system32\itss.dll [分析中]
<mhtml> <C:\WINDOWS\system32\inetcomm.dll>
文件路径: C:\WINDOWS\system32\inetcomm.dll [分析中]
<ms-its> <C:\WINDOWS\system32\itss.dll>
文件路径: C:\WINDOWS\system32\itss.dll [分析中]
==============================================================
IE扩展菜单
==============================================================
该项来源: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt
<使用迅雷下载> <d:\Program Files\Thunder Network\Thunder\Program\geturl.htm>
文件路径: d:\Program Files\Thunder Network\Thunder\Program\geturl.htm [分析中]
<使用迅雷下载全部链接> <d:\Program Files\Thunder Network\Thunder\Program\getallurl.htm>
文件路径: d:\Program Files\Thunder Network\Thunder\Program\getallurl.htm [分析中]
==============================================================
ActiveX控件
==============================================================
该项来源: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats
[Thunder Agent Class]
<{485463B7-8FB2-4B3B-B29B-8B919B0EACCE}> <d:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll>
文件路径: d:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll [分析中]
==============================================================
其他安全区域
==============================================================
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
[显示摇曳 CPL 扩展] <deskpan.dll>
--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs
[ole32] <ole32.dll>
文件路径: C:\WINDOWS\system32\ole32.dll [分析中]
[olecnv32] <olecnv32.dll>
文件路径: C:\WINDOWS\system32\olecnv32.dll [分析中]
[user32] <user32.dll>
文件路径: C:\WINDOWS\system32\user32.dll [分析中]